Skip to content

Commit dfdc776

Browse files
tirkarthitirkarthi
committed
Prefix dot only for suffix check and add test
1 parent 2816aa8 commit dfdc776

File tree

2 files changed

+29
-3
lines changed

2 files changed

+29
-3
lines changed

Lib/http/cookiejar.py

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1169,13 +1169,14 @@ def domain_return_ok(self, domain, request):
11691169
# Liberal check of. This is here as an optimization to avoid
11701170
# having to load lots of MSIE cookie files unless necessary.
11711171
req_host, erhn = eff_request_host(request)
1172+
suffix_check_domain = domain
11721173
if not req_host.startswith("."):
11731174
req_host = "."+req_host
11741175
if not erhn.startswith("."):
11751176
erhn = "."+erhn
1176-
if not domain.startswith("."):
1177-
domain = "."+domain
1178-
if not (req_host.endswith(domain) or erhn.endswith(domain)):
1177+
if suffix_check_domain and not suffix_check_domain.startswith("."):
1178+
suffix_check_domain = "." + suffix_check_domain
1179+
if not (req_host.endswith(suffix_check_domain) or erhn.endswith(suffix_check_domain)):
11791180
#_debug(" request domain %s does not match cookie domain %s",
11801181
# req_host, domain)
11811182
return False

Lib/test/test_http_cookiejar.py

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -961,6 +961,31 @@ def test_domain_block(self):
961961
c.add_cookie_header(req)
962962
self.assertFalse(req.has_header("Cookie"))
963963

964+
c.clear()
965+
966+
pol.set_blocked_domains([])
967+
req = urllib.request.Request("http://acme.com/")
968+
res = FakeResponse(headers, "http://acme.com/")
969+
c.extract_cookies(res, req)
970+
self.assertEqual(len(c), 1)
971+
972+
req = urllib.request.Request("http://acme.com/")
973+
c.add_cookie_header(req)
974+
self.assertTrue(req.has_header("Cookie"))
975+
976+
req = urllib.request.Request("http://badacme.com/")
977+
c.add_cookie_header(req)
978+
self.assertFalse(req.has_header("Cookie"))
979+
980+
p = pol.set_blocked_domains(["acme.com"])
981+
req = urllib.request.Request("http://acme.com/")
982+
c.add_cookie_header(req)
983+
self.assertFalse(req.has_header("Cookie"))
984+
985+
req = urllib.request.Request("http://badacme.com/")
986+
c.add_cookie_header(req)
987+
self.assertFalse(req.has_header("Cookie"))
988+
964989
def test_secure(self):
965990
for ns in True, False:
966991
for whitespace in " ", "":

0 commit comments

Comments
 (0)